Re: Reboot: Strategic goals for GNOME

["Lefty (石鏡 )" <lefty shugendo org>]

On 3/4/10 10:32 PM, "Liam R E Quin" <liam holoweb net> wrote:
>> 
>> Well, given this wide coverage, which I've somehow completely missed, there
>> shouldn't be much challenge to your producing an actual citation
> 
> I was a little looser than I should have been in my wording.

Oh, indeed?

> For media
> coverage of "warrentless wiretapping" (which includes monitoring of
> internet usage) see e.g. [1] and [2].

This has nothing to do with Facebook, particularly. I'm not happy with these
particular laws, but the answer is to try to get the laws changed, not
huddle in one's closet for fear of Facebook, nor to avoid anything that runs
on "a server".

> In addition, a subpoena from the
> FBI is different from a search warrant - it does not need to be signed
> by a judge[2]; supposedly "reasonable suspicion" is required, but no
> supporting evidence seems to be required, merely a claim. Similarly,
> financial transactions (I think in the US over $1,000) are reported
> automatically to the NSA.

I believe that this is all pretty standard stuff in the US, for better or
worse, and again doesn't apply especially to Facebook in any way. If this is
your reason for staying off Facebook, you shouldn't be on the Internet at
all. (And you might want to consider building a Faraday cage around your
house to ensure that no one from the NSA can capture your keystrokes.)

The gateway on financial transactions is $10,000, the same threshold at
which you have to declare the currency you're carrying going through US
Customs. To the best of my knowledge, every country, including EU members,
Japan, etc., institutes such a threshold to curtail money-laundering
activities. Again, nothing to do with Facebook.

If this sort of thing worries you, then perhaps staying off the internet
entirely would be the best thing.

> Facebook does have a stated 90-day data retention policy for IP logs,
> and I found a policy document relating to subpoenas [3] although it's
> not clear to me that it's authentic.

If it's not on Facebook's site, I don't see that it's authenticity can be
established, and I wouldn't rely on it.

That said, this document would seem to support what I've been saying, rather
than the claims that you and Mr. Stallman have been making: a warrant or
subpoena or the equivalent is indeed required to get user information out of
Facebook according to this document. I'm not sure what you intended by
referring to this, but it surely doesn't support the claims made here.

> There are (I discovered today) rumours that facebook was started by
> the CIA, because of indirect links from the original venture capital
> people [4], but that was not on my mind when I wrote (or meant to write)
> that information is indeed handed over without warrants.

And here we are, back to where we started. "Facebook is a front for the
CIA". The support for this claim, for those who care to read the story, is
excruciatingly sketchy.

By the sort of reasoning found in the articles cited (someone involved with
the funding of Facebook once worked with someone who once worked for the
CIA's venture capital arm), I suppose we could draw the conclusion that the
FSF is a CIA front as well, and "probably shares all your information with
them".

Specifically: 1) IBM has historically had close ties to the CIA, the NSA and
governmental agencies of the less-attractive sort, going back to pre-World
War 2 days, when they sold punch cards tabulators to the German authorities
which went on to see significant use in record-keeping at Dachau and other
concentration camps. 2) IBM is a top-line corporate patron of the FSF, and
provides significant funding to that organization.

QED.

If you'd care to go this route, perhaps we should encourage GNOME to avoid
using the Internet entirely "since the NSA reads everything you write".
Frankly, this stuff strikes me as being on the same level as "the US
government blew up the World Trade Center so they could _blame_ it on
AL-Qaeda."

I note, in passing, that the FSF has no apparent privacy policy at all,
outside of a very sketchy one applied solely to donations.

> Facebook's privacy statement is specific that they do not require a
> warrant [5]:
> 
> "We may disclose information pursuant to subpoenas, court orders, or
> other requests (including criminal and civil matters) if we have a good
> faith belief that the response is required by law" [...] "We may also
> share information when we have a good faith belief it is necessary to
> prevent fraud or other illegal activity, to prevent imminent bodily
> harm, or to protect ourselves and you from people violating our
> Statement of Rights and Responsibilities. This may include sharing
> information with other companies, lawyers, courts or other government
> entities"

The initial clause indeed says that they require a warrant or the
equivalent.

The second clause refers, in my reading, to cases in which a Facebook user
attempted to use Facebook to defraud other users, at which point I'd think
Facebook would?quite legitimately?alert the police to the situation and
present the evidence they had. I don't see an issue with that. Do you?

> The Statement of Rights and Responsibilities [6] explicitly says that
> "You will not use Facebook to do anything unlawful, misleading,
> malicious, or discriminatory.", so if you break the law you have broken
> the terms of use of facebook and lost your right to privacy.

I don't see the "lost your right to privacy part" in there. Maybe more loose
wording on your part?

> Social networking is very much in its infancy, and it's clear that the
> implications of this technology are not yet well understood by anyone.
> But we do understand that there _are_ implications, legal as well as
> social.

Well, what's been proposed is the GNOME should stay the hell away from them,
and from (apparently) anything that's "server-based".

I happen to disagree, but if the discussion is so difficult for people that
they feel they have to leave the list rather than face it, such suggestions
are indeed the better solution for GNOME.

Perhaps we should remove internet connectivity from GNOME entirely so as to
help people avoid these potential problems in a complete way; after all,
you're better off doing everything on your own computer, or so we've been
informed here.

If GNOME is looking for a way to increase its general insularity and
irrelevance, I'd say that following such suggestions would be an excellent
way to achieve that. Maybe you all should indeed concentrate on achieving a
better command line, so as to better address the "world problems" you're
reportedly solving.